NIST wants to phase out DES
- By William Jackson
- Jul 26, 2004
The 56-bit Data Encryption Standard has outlived its usefulness, and the National Institute of Standards and Technology has proposed withdrawing it from government use.
DES has been around as Federal Information Processing Standard 46-3 for more than 25 years and still may be used to protect government information. It has exceeded its anticipated 15-year life and has been supplanted by stronger, more efficient algorithms such as the Advanced Encryption Algorithm.
The most recent of NIST's regular five-year reviews of the standard showed that the venerable algorithm has fallen prey to advances in computing power.
'NIST determined that the strength of the DES algorithm is no longer sufficient to adequately protect federal government information,' the agency announced
in today's Federal Register.
A basic measure of an encryption algorithm's strength is the length of the key used to scramble messages. Each additional bit increases the number of possible combinations by a factor of two. For a 56-bit key, someone would have to correctly guess each of 2 possible numerals for all 56 bits in the key to break it. That is a formidable challenge, but not formidable enough for today's technology.
'DES is now vulnerable to key exhaustion using massive, parallel computations,' NIST concluded.
DES would remain as a component of the Triple Data Encryption Algorithm, TDEA, familiarly known as Triple DES. TDEA encrypts each block of a message three times with two or three different 56-bit keys, giving an effective key length of 112 or 168 bits. NIST describes this as a 'very strong' algorithm.
But AES, adopted as FIPS 197, uses 128, 192 or 256-bit key sizes.
'Though TDEA may be used for several more years to encourage widespread interoperability, NIST instead encourages agencies to implement the stronger and more efficient AES when building new systems,' NIST said.
NIST is accepting comments on the proposed withdrawal of FIPS 46-3 through Sept. 9. Comments can be e-mailed to DEScomments@nist.gov, or sent by regular mail to Chief, Computer Security Division, Information Technology Laboratory, ATTN: Commends on Proposed Withdrawal of DES, 100 Bureau Drive, Stop 8930, NIST, Gaithersburg, MD, 20899-8930.
William Jackson is a Maryland-based freelance writer.